• 2 days Iraq Begins To Rebuild Largest Refinery
  • 2 days Canadian Producers Struggle To Find Transport Oil Cargo
  • 2 days Venezuela’s PDVSA Makes $539M Interest Payments On Bonds
  • 2 days China's CNPC Considers Taking Over South Pars Gas Field
  • 2 days BP To Invest $200 Million In Solar
  • 2 days Tesla Opens New Showroom In NYC
  • 2 days Petrobras CEO Hints At New Partner In Oil-Rich Campos Basin
  • 3 days Venezuela Sells Oil Refinery Stake To Cuba
  • 3 days Tesla Is “Headed For A Brick Wall”
  • 3 days Norwegian Pension Fund Set to Divest From Oil Sands and Coal Ventures
  • 3 days IEA: “2018 Might Not Be Quite So Happy For OPEC Producers”
  • 3 days Goldman Bullish On Oil Markets
  • 3 days OPEC Member Nigeria To Issue Africa’s First Sovereign Green Bond
  • 3 days Nigeria To Spend $1B Of Oil Money Fighting Boko Haram
  • 3 days Syria Aims To Begin Offshore Gas Exploration In 2019
  • 3 days Australian Watchdog Blocks BP Fuel Station Acquisition
  • 4 days Colombia Boosts Oil & Gas Investment
  • 4 days Environmentalists Rev Up Anti-Keystone XL Angst Amongst Landowners
  • 4 days Venezuelan Default Swap Bonds At 19.25 Cents On The Dollar
  • 4 days Aramco On The Hunt For IPO Global Coordinators
  • 4 days ADNOC Distribution Jumps 16% At Market Debut In UAE
  • 4 days India Feels the Pinch As Oil Prices Rise
  • 4 days Aramco Announces $40 Billion Investment Program
  • 5 days Top Insurer Axa To Exit Oil Sands
  • 5 days API Reports Huge Crude Draw
  • 5 days Venezuela “Can’t Even Write A Check For $21.5M Dollars.”
  • 5 days EIA Lowers 2018 Oil Demand Growth Estimates By 40,000 Bpd
  • 5 days Trump Set To Open Atlantic Coast To Oil, Gas Drilling
  • 5 days Norway’s Oil And Gas Investment To Drop For Fourth Consecutive Year
  • 5 days Saudis Plan To Hike Gasoline Prices By 80% In January
  • 5 days Exxon To Start Reporting On Climate Change Effect
  • 6 days US Geological Survey To Reevaluate Bakken Oil Reserves
  • 6 days Brazil Cuts Local Content Requirements to Attract Oil Investors
  • 6 days Forties Pipeline Could Remain Shuttered For Weeks
  • 6 days Desjardins Ends Energy Loan Moratorium
  • 6 days ADNOC Distribution IPO Valuation Could Be Lesson For Aramco
  • 6 days Russia May Turn To Cryptocurrencies For Oil Trade
  • 6 days Iraq-Iran Oil Swap Deal To Run For 1 Year
  • 9 days Venezuelan Crude Exports To U.S. Fall To 15-year Lows
  • 9 days Mexico Blames Brazil For Failing Auction

Breaking News:

Iraq Begins To Rebuild Largest Refinery

The Five Mining Companies To Watch In 2018

The Five Mining Companies To Watch In 2018

The future of mining has…

Russia, China Grow Closer As The New Silk Road Unfolds

Russia, China Grow Closer As The New Silk Road Unfolds

China’s ambitious Belt and Road…

U.S. Urges Energy Companies To Be On Guard Against Russian Cyberattacks

U.S. Urges Energy Companies To Be On Guard Against Russian Cyberattacks

The U.S. Department of Homeland Security (DHS) is urging operators of the country’s critical infrastructure to check their computers carefully against the possibility they’ve been infected with malicious software from a group of hackers who are believed to be Russian.

The group is known to private malware researchers as “Energetic Bear” because it operates during Russian working hours and mostly targets Western energy companies. The U.S. security firm Symaec and F-Secure of Finland report that the group was responsible for an effort to implant the Havex Trojan infect in their victims’ computers.

On July 1, DHS’s Industrial Control Systems Cyber Emergency Response Team, or ISC-CERT, encouraged the companies to ensure that they already hadn’t been infected and offered specific steps on preventing such attacks.

According to a Symantec report on June 30, Havex is what is known as a “remote access Trojan,” or RAT, malware that secretly enters a computer to give hackers control of the machine. Symantec and F-Secure say the malware ordinarily is used only for spying, but can be modified to sabotage a machine.

In fact, Keven Haley, the director of security response at Symantec, told The New York Times that there’s no evidence that Energetic Bear is bent on eventual sabotage, but merely want to get a better understanding of how the victim companies operate. Still, he cautioned, “[T]he potential for sabotage is there.”

Symantec, F-Secure and DHS have not identified the victims of the attacks except to say they’re in the energy and other industrial fields. They said the attacks have hit at least 1,018 companies in 84 countries, though some infections could be accidental. Most of the infections were in Spain, followed by the United States, France, Italy and Germany.

Related Article: You Won't Believe How Off-Target Grid Security Really Is

The attacks consist of flooding victims with e-mails carrying malicious attachments or hyperlinks. But Energetic Bear also targets websites that are likely to be visited by the companies’ employees. In such “watering hole attacks,” as they are known, the hackers infect a website frequented by the employees, such as the online menu of a nearby restaurant, which then infects the employee’s computer.

A frightening aspect of the Energetic Bear attacks is that they do more than tamper with a computer’s software, which can be fixed relatively easily. Symantec says these hackers often go to the machine’s physical core called the BIOS, or “basic input/output system,” which ultimately renders the computer unusable.

The Energetic Bear attacks resemble Operation Olympic Games, a series of reported attacks by the United States and Israel against Iran. The campaign used the Stuxnet virus in July 2010 to sabotage Iran’s uranium enrichment plants in what Symangec calls “the first known major malware campaign to target [industrial control] systems.”

By Andy Tully of Oilprice.com



Join the discussion | Back to homepage

Leave a comment

Leave a comment

Oilprice - The No. 1 Source for Oil & Energy News